karaf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ff...@apache.org
Subject git commit: [KARAF-3058]add backing engine serivce for org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule (cherry picked from commit 930593de4397903b23c5703b12d43624ce8f39fa)
Date Tue, 24 Jun 2014 04:07:21 GMT
Repository: karaf
Updated Branches:
  refs/heads/karaf-3.0.x 05f28b42d -> 34c0ac72d


[KARAF-3058]add backing engine serivce for org.apache.karaf.jaas.modules.publickey.PublickeyLoginModule
(cherry picked from commit 930593de4397903b23c5703b12d43624ce8f39fa)


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/34c0ac72
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/34c0ac72
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/34c0ac72

Branch: refs/heads/karaf-3.0.x
Commit: 34c0ac72d65b4df607e530129654b29dd2e8a33a
Parents: 05f28b4
Author: Freeman Fang <freeman.fang@gmail.com>
Authored: Tue Jun 24 12:04:24 2014 +0800
Committer: Freeman Fang <freeman.fang@gmail.com>
Committed: Tue Jun 24 12:06:09 2014 +0800

----------------------------------------------------------------------
 .../publickey/PublickeyBackingEngine.java       | 258 +++++++++++++++++++
 .../PublickeyBackingEngineFactory.java          |  64 +++++
 .../OSGI-INF/blueprint/karaf-jaas-module.xml    |   5 +
 3 files changed, 327 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/34c0ac72/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
new file mode 100644
index 0000000..2693ab0
--- /dev/null
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
@@ -0,0 +1,258 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.jaas.modules.publickey;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.felix.utils.properties.Properties;
+import org.apache.karaf.jaas.boot.principal.GroupPrincipal;
+import org.apache.karaf.jaas.boot.principal.RolePrincipal;
+import org.apache.karaf.jaas.boot.principal.UserPrincipal;
+import org.apache.karaf.jaas.modules.BackingEngine;
+import org.apache.karaf.jaas.modules.encryption.EncryptionSupport;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class PublickeyBackingEngine implements BackingEngine {
+
+    private static final transient Logger LOGGER = LoggerFactory.getLogger(PublickeyBackingEngine.class);
+
+    
+    private Properties users;
+   
+
+    /**
+     * Constructor
+     *
+     * @param users
+     */
+    public PublickeyBackingEngine(Properties users) {
+        this.users = users;
+    }
+
+    
+
+    @Override
+    public void addUser(String username, String publickey) {
+        if (username.startsWith(GROUP_PREFIX))
+            throw new IllegalArgumentException("Prefix not permitted: " + GROUP_PREFIX);
+
+        addUserInternal(username, publickey);
+    }
+
+    private void addUserInternal(String username, String publickey) {
+        String[] infos = null;
+        StringBuffer userInfoBuffer = new StringBuffer();
+
+        String newPublickey = publickey;
+
+        String userInfos = (String) users.get(username);
+
+        //If user already exists, update publickey
+        if (userInfos != null && userInfos.length() > 0) {
+            infos = userInfos.split(",");
+            userInfoBuffer.append(newPublickey);
+
+            for (int i = 1; i < infos.length; i++) {
+                userInfoBuffer.append(",");
+                userInfoBuffer.append(infos[i]);
+            }
+            String newUserInfo = userInfoBuffer.toString();
+            users.put(username, newUserInfo);
+        } else {
+            users.put(username, newPublickey);
+        }
+
+        try {
+            users.save();
+        } catch (Exception ex) {
+            LOGGER.error("Cannot update users file,", ex);
+        }
+    }
+
+    @Override
+    public void deleteUser(String username) {
+        // delete all its groups first, for garbage collection of the groups
+        for (GroupPrincipal gp : listGroups(username)) {
+            deleteGroup(username, gp.getName());
+        }
+
+        users.remove(username);
+
+        try {
+            users.save();
+        } catch (Exception ex) {
+            LOGGER.error("Cannot remove users file,", ex);
+        }
+    }
+
+    @Override
+    public List<UserPrincipal> listUsers() {
+        List<UserPrincipal> result = new ArrayList<UserPrincipal>();
+
+        for (Object user : users.keySet()) {
+            String userName = (String) user;
+            if (userName.startsWith(GROUP_PREFIX))
+                continue;
+
+            UserPrincipal userPrincipal = new UserPrincipal(userName);
+            result.add(userPrincipal);
+        }
+        return result;
+    }
+
+    @Override
+    public List<RolePrincipal> listRoles(Principal principal) {
+        String userName = principal.getName();
+        if (principal instanceof  GroupPrincipal) {
+            userName = GROUP_PREFIX + userName;
+        }
+        return listRoles(userName);
+    }
+
+    private List<RolePrincipal> listRoles(String name) {
+
+        List<RolePrincipal> result = new ArrayList<RolePrincipal>();
+        String userInfo = (String) users.get(name);
+        String[] infos = userInfo.split(",");
+        for (int i = 1; i < infos.length; i++) {
+            String roleName = infos[i];
+            if (roleName.startsWith(GROUP_PREFIX)) {
+                for (RolePrincipal rp : listRoles(roleName)) {
+                    if (!result.contains(rp)) {
+                        result.add(rp);
+                    }
+                }
+            } else {
+                RolePrincipal rp = new RolePrincipal(roleName);
+                if (!result.contains(rp)) {
+                    result.add(rp);
+                }
+            }
+        }
+        return result;
+    }
+
+    @Override
+    public void addRole(String username, String role) {
+        String userInfos = (String) users.get(username);
+        if (userInfos != null) {
+            for (RolePrincipal rp : listRoles(username)) {
+                if (role.equals(rp.getName())) {
+                    return; 
+                }
+            }
+            String newUserInfos = userInfos + "," + role;
+            users.put(username, newUserInfos);
+        }
+        try {
+            users.save();
+        } catch (Exception ex) {
+            LOGGER.error("Cannot update users file,", ex);
+        }
+    }
+
+    @Override
+    public void deleteRole(String username, String role) {
+        String[] infos = null;
+        StringBuffer userInfoBuffer = new StringBuffer();
+
+        String userInfos = (String) users.get(username);
+
+        //If user already exists, remove the role
+        if (userInfos != null && userInfos.length() > 0) {
+            infos = userInfos.split(",");
+            String password = infos[0];
+            userInfoBuffer.append(password);
+
+            for (int i = 1; i < infos.length; i++) {
+                if (infos[i] != null && !infos[i].equals(role)) {
+                    userInfoBuffer.append(",");
+                    userInfoBuffer.append(infos[i]);
+                }
+            }
+            String newUserInfo = userInfoBuffer.toString();
+            users.put(username, newUserInfo);
+        }
+
+        try {
+            users.save();
+        } catch (Exception ex) {
+            LOGGER.error("Cannot update users file,", ex);
+        }
+    }
+
+    @Override
+    public List<GroupPrincipal> listGroups(UserPrincipal user) {
+        String userName = user.getName();
+        return listGroups(userName);
+    }
+
+    private List<GroupPrincipal> listGroups(String userName) {
+        List<GroupPrincipal> result = new ArrayList<GroupPrincipal>();
+        String userInfo = (String) users.get(userName);
+        if (userInfo != null) {
+            String[] infos = userInfo.split(",");
+            for (int i = 1; i < infos.length; i++) {
+                String name = infos[i];
+                if (name.startsWith(GROUP_PREFIX)) {
+                    result.add(new GroupPrincipal(name.substring(GROUP_PREFIX.length())));
+                }
+            }
+        }
+        return result;
+    }
+
+    @Override
+    public void addGroup(String username, String group) {
+        String groupName = GROUP_PREFIX + group;
+        if (users.get(groupName) == null) {
+            addUserInternal(groupName, "group");
+        }
+        addRole(username, groupName);
+    }
+
+    @Override
+    public void deleteGroup(String username, String group) {
+        deleteRole(username, GROUP_PREFIX + group);
+
+        // garbage collection, clean up the groups if needed
+        for (UserPrincipal user : listUsers()) {
+            for (GroupPrincipal g : listGroups(user)) {
+                if (group.equals(g.getName())) {
+                    // there is another user of this group, nothing to clean up
+                    return;
+                }
+            }
+        }
+
+        // nobody is using this group any more, remote it
+        deleteUser(GROUP_PREFIX + group);
+    }
+
+    @Override
+    public void addGroupRole(String group, String role) {
+        addRole(GROUP_PREFIX + group, role);
+    }
+
+    @Override
+    public void deleteGroupRole(String group, String role) {
+        deleteRole(GROUP_PREFIX + group, role);
+    }
+
+}

http://git-wip-us.apache.org/repos/asf/karaf/blob/34c0ac72/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngineFactory.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngineFactory.java
b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngineFactory.java
new file mode 100644
index 0000000..7ad70a1
--- /dev/null
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngineFactory.java
@@ -0,0 +1,64 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.karaf.jaas.modules.publickey;
+
+import org.apache.felix.utils.properties.Properties;
+import org.apache.karaf.jaas.modules.BackingEngine;
+import org.apache.karaf.jaas.modules.BackingEngineFactory;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.io.File;
+import java.io.IOException;
+import java.util.Map;
+
+public class PublickeyBackingEngineFactory implements BackingEngineFactory {
+
+    private final Logger logger = LoggerFactory.getLogger(PublickeyBackingEngineFactory.class);
+
+    private static final String USER_FILE = "users";
+
+    /**
+     * Builds the Backing Engine
+     *
+     * @param options
+     * @return
+     */
+    public BackingEngine build(Map options) {
+        PublickeyBackingEngine engine = null;
+        String usersFile = (String) options.get(USER_FILE);
+
+        File f = new File(usersFile);
+        Properties users;
+        try {
+            users = new Properties(f);
+            engine = new PublickeyBackingEngine(users);
+        } catch (IOException ioe) {
+            logger.warn("Cannot open keys file:" + usersFile);
+        } finally {
+            return engine;
+        }
+    }
+
+    /**
+     * Returns the login module class, that this factory can build.
+     *
+     * @return
+     */
+    public String getModuleClass() {
+        return PublickeyLoginModule.class.getName();
+    }
+}

http://git-wip-us.apache.org/repos/asf/karaf/blob/34c0ac72/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml b/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
index b079902..49d194a 100644
--- a/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
+++ b/jaas/modules/src/main/resources/OSGI-INF/blueprint/karaf-jaas-module.xml
@@ -65,6 +65,11 @@
         <bean class="org.apache.karaf.jaas.modules.properties.PropertiesBackingEngineFactory"/>
     </service>
 
+    <!-- The Backing Engine Factory Service for the PublickeyLoginModule -->
+    <service interface="org.apache.karaf.jaas.modules.BackingEngineFactory">
+        <bean class="org.apache.karaf.jaas.modules.publickey.PublickeyBackingEngineFactory"/>
+    </service>
+    
     <service interface="org.apache.karaf.jaas.modules.EncryptionService" ranking="-1">
         <service-properties>
             <entry key="name" value="basic"/>


Mime
View raw message